Skip to main content

Version 2026.01.01

Release Date: January 22, 2026
Kubernetes environment types will be automatically assigned in this release: environments managed through Apinizer will be set as “Managed”, others as “Remote”.
FEATURED NEW FEATURES

  • API Manager Application Authorization System

The authorization system in the Apinizer API Manager application has been renewed. Authorization now works based on the asset category + action model. Components with similar functions have been grouped under asset categories (API Management, Connections, Identity and Access Control, etc.) and specific actions (View, Manage, Deploy/Undeploy, Execute, Export/Import) have been defined for each category. This provides a more flexible, detailed, and secure authorization management. See.

  • Cache Server Definition in Namespace Independent from Gateway

The requirement for worker pods that serve as the gateway function in the Apinizer application infrastructure and Hazelcast pods used for cache operations to be in the same namespace has been removed. Worker pods and cache pods can now be managed in separate namespaces. This provides a more flexible infrastructure configuration. See.

  • Multi-API Portal Support

Support for managing multiple independent API Portals from a single Apinizer installation has been added. This enables offering customized portal experiences for different business units or customer groups. See.

  • Advanced Routing Features

API Gateway routing capabilities have been enriched with Sticky Session (Session Affinity), Exponential Retry Delay, and Active Health Check mechanisms. This makes traffic management more flexible, resilient, and intelligent. See.

  • APIOps Management API Improvements

In line with the vision that all administrative functions of Apinizer can be performed through APIOps Management APIs; full API support has been added for Credential Secrets management, Keys/Keystores operations, and JWK configurations. Additionally, the ability to create and update JWK from certificate, public key, private key, and keystore has been added. See. NEW FEATURES

  • Upstream Sticky Session (Session Affinity)

Sticky Session support has been added to ensure that clients are always routed to the same backend address. Session state management required for backend structures can now work efficiently through the Gateway with Cookie-based, IP Hash, and Hybrid methods. See.

  • Upstream Active Health Check Mechanism

Active Health Check mechanism has been added that periodically checks the health status of backend services. Backend addresses that are not working correctly are automatically removed from traffic and reintroduced when they recover. See.

  • Upstream Exponential Retry Delay

“Exponential Backoff” feature has been added that places increasing delays between retry operations performed in error situations. This provides the necessary time for backend services to recover under heavy load. See.

  • Environment Diagnostic Screen

Diagnostic screen has been added to monitor the operational status, resource consumption, and health metrics of API Gateway environments. (APNZ-5665, APNZ-5649) See.
  • When certificate, public key, private key, or keystore is updated via APIOps Management API, if there is a related JWK, the ability to update these JWKs or delete the relationship has been added. See.
  • Feature has been added to globally enable/disable the display of log details on the API Traffic screen from General Settings. See.
  • Audit logs are now kept for operations involving API Proxy Traffic Log settings.
  • Search options with ends_with and wildcard have been added to FTP Read and List operations. See.
  • Client Route Report has been enhanced to find conflicting path values of API Proxies with similar relative path values.
  • API Portal Overview page has been enhanced. See.
  • Client data read timeout and no-request timeout after connection establishment have been made configurable in Gateway Runtime environments. These parameters allow customization of Gateway pod timeout behaviors. See.
CHANGES AND IMPROVEMENTS
  • Elasticsearch Version Update: ES client version has been upgraded from 7.9.2 to 7.17.29; ES7 and ES8 versions are now fully supported.
  • Global Deploy Improvement: When global policies are updated, an option has been added to deploy only API Proxies that are already published in the relevant environment or all API Proxies. This prevents API Proxies that are not deployed from being accidentally deployed.
  • Asynchronous Operation Resource Management: Thread usage of tasks running asynchronously in Script and API Call policies has been limited, increasing system stability.
  • Detailed confirmation and warning that restart is required for changes to be applied have been added to the API Root Context change section in General Settings. See.
  • Load balancing is now always done locally (per pod). Distributed cache usage has been removed for performance. See.
  • Indication of disabled methods in API Proxy Group has been enabled. See.
  • Styling work has been done on large text areas in areas such as test console and data operations.
  • Detailed confirmation has been added for save&republish operation after entering host alias. See.
  • Visual design improvements have been made on the probe screen of the Kubernetes Resources page. See.
  • Monthly-daily reporting feature has been added to API Portal Usage Statistics.
  • Ability to download account information in Excel format from API Portal Accounts/Developers page has been enabled.
  • In export/import operations via APIOps Management API, “-imported” word is no longer added to DB2API definitions.
  • Customizable Landing Page feature has been added for API Portal. See.
  • In XML Schema Validation policy errors, related element and path information has been added to the error message.
  • Audit logs kept for operations performed with APIOps Management APIs have been detailed.
  • Error messages in API Manager LDAP settings have been made more detailed. More information is now provided in error messages to facilitate troubleshooting. See.
  • Timeout field has been added to LDAP connection configuration. Connection timeout durations are now configurable. See.
BUG FIXES APNZ-5695 : The issue where REST-2-SOAP example bodies were incorrectly created during the transfer of API Proxy Group spec to Postman has been fixed. APNZ-5694 : The issue where Template Message comes empty in REST-2-SOAP-2-REST configurations has been resolved. APNZ-5693 : The issue where example request bodies (Example Request Body) for API Proxies could not be displayed in Test Console has been fixed. APNZ-5687 : The issue where both API Proxy and Proxy Group access were blocked when direct gateway access was restricted has been fixed. APNZ-5685 : The error in the Management API Access URL deletion operation in environment settings has been fixed. APNZ-5684 : The issue where method information belonging to the wrong API Proxy was retrieved in the test console when there were multiple API Proxies created from the same DB2API, Mock API, or Script API has been fixed. APNZ-5682 : The issue where data was not saved after pasting content in new key (Key) definitions in the Secret menu has been fixed. APNZ-5659 : The issue where mandatory fields could be saved without being checked in API Portal settings has been prevented. APNZ-5650 : The issue where the “Headers to be deleted” field in API Call policy was not saved has been fixed. APNZ-5648 : The visual shift that occurred when searching for users on the Project Members page has been fixed. APNZ-5644 : The memory (OutOfMemory) issue that occurred during parsing of very large Swagger/OpenAPI files containing more than 500 endpoints has been resolved. APNZ-5641 : The listing issue that occurred on the gateway environments page when having limited kubernetes service permissions has been fixed. APNZ-5593 : The issue where logo URL redirects in API Portal did not work and could not be customized has been fixed. APNZ-5581 : Deficiencies related to user authorization and data security in API Portal have been resolved. APNZ-5576 : The issue where the trailing ”;” character was deleted in the DB2API SQL query field has been fixed. APNZ-5571 : Thread safety improvement has been made in JSON library usage. APNZ-5570 : Backward compatibility has been provided for the HTTP client class used in custom scripts. APNZ-5567 : The issue where the SOAP binding name changed when the WSDL service address changed has been resolved. APNZ-5565 : The issue where locked users in API Portal could perform operations through the gateway has been prevented. APNZ-5550 : The issue where changes made in API Portal view settings were reset after login has been resolved. APNZ-5535 : The issue where API Proxy traffic trace logs were stored longer than the configured duration has been fixed. APNZ-5509 : The issue where API Proxy traffic trace mode did not automatically close has been fixed. APNZ-5523 : The issue where a successful response was returned when a file was not found in FTP Read policy has been resolved. APNZ-5513 : The issue where SOAP message header deletion was incomplete when the delete header setting was selected in WS-Security Sign Validation policy has been fixed. APNZ-5473 : The issue where port settings were corrupted after SSL was enabled in gateway environments has been fixed. APNZ-5454 : Filtering issues on the Notifications page have been fixed. APNZ-5451 : The issue where API Proxies did not transition to redeploy status when policies were imported to API Proxies has been resolved. APNZ-5447 : Old Proxy Group connections of exported/imported API Proxies have been cleaned up. APNZ-5445 : The warning message displayed in environment type changes has been fixed. APNZ-5435 : Mandatory field markings in WS-Security Sign policy have been fixed. APNZ-5427 : Recording issues on the project edit page have been resolved. APNZ-5413 : Character restrictions and validation errors in the key field entered in environment settings have been fixed. APNZ-5375 : The issue where some policy names appeared in English in Turkish language selection has been fixed. APNZ-5324 : The issue where spaces in the name field in authentication policies were not cleaned has been resolved. APNZ-5317 : The issue where security check (captcha) did not appear when attempting to login with a non-existent user on the API Manager login page has been fixed. APNZ-5211 : The saving issue in certificate updates has been resolved. APNZ-5166 : The user display error on the Rate Limit screen has been fixed. APNZ-5154 : The duplicate deployment issue in role definitions has been resolved. APNZ-5120 : The performance issue in the environment republish operation has been resolved. APNZ-5116 : Character errors in the endpoint address in the quick test tool have been fixed. APNZ-4891 : URL formatting errors in test endpoints have been fixed. APNZ-4674 : The issue where multiple selections were deleted on filtering pages has been resolved. APNZ-4661 : Key listing issues in private key management in the Secret menu have been fixed. APNZ-4653 : The data loss that occurred in Key Source selection in the Secret menu has been resolved. APNZ-4635 : The operation type update error in API Call policy has been fixed. APNZ-4587 : The issue where parameter type changes in the Design tab did not affect the format has been resolved. APNZ-4579 : The pagination deficiency on some report pages has been resolved. APNZ-4350 : The issue where timezone settings were not reflected in notification timestamps has been fixed. APNZ-4240 : Image prefix issues in Kubernetes resource settings have been fixed. APNZ-4129 : The issue where disabled methods in Proxy Group could not be displayed has been fixed. APNZ-4118 : Conditional parameter usage in authentication policies has been improved.